diff options
author | Viorel Suman <viorel.suman@intel.com> | 2016-02-19 15:02:28 +0200 |
---|---|---|
committer | Bruce Beare <bruce.j.beare@intel.com> | 2016-03-04 08:41:13 -0800 |
commit | 7ac1c3541d55b0e95752e45028de6968096812f5 (patch) | |
tree | f8b20ed158784f9c4fdcfee960d683ae6f2b5860 | |
parent | 86a1d09a7e6ee9f216da63f1fb57a3c769af564d (diff) | |
download | minnowboard-7ac1c3541d55b0e95752e45028de6968096812f5.tar.gz |
Replace userfastboot with efi-fastboot
o Minnowboard flash now uses fastboot-over-tcp implementation
in kernelflinger.
o Userfastboot is removed.
o Add fastboot option in kernelflinger manifest for
boot option in UEFI BIOS at OS flash time.
BUG=none
Change-Id: Ib4a3d108c76e6e6a89b555ef62eeb90afed85ae5
Tracked-On: https://jira01.devtools.intel.com/browse/BP-267
Signed-off-by: Viorel Suman <viorel.suman@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
-rw-r--r-- | BoardConfig.mk | 20 | ||||
-rw-r--r-- | bootloader.mk | 10 | ||||
-rw-r--r-- | build/tasks/flashfiles.mk | 4 | ||||
-rw-r--r-- | build/tasks/ramdisk.mk | 20 | ||||
-rwxr-xr-x | flash_tools/brillo-flashall.sh | 2 | ||||
-rw-r--r-- | sepolicy/file.te | 1 | ||||
-rw-r--r-- | sepolicy/genfs_contexts | 1 | ||||
-rw-r--r-- | sepolicy/init.te | 11 | ||||
-rw-r--r-- | sepolicy/kernel.te | 5 | ||||
-rw-r--r-- | sepolicy/te_macros | 9 | ||||
-rw-r--r-- | sepolicy/userfastboot.te | 37 |
11 files changed, 14 insertions, 106 deletions
diff --git a/BoardConfig.mk b/BoardConfig.mk index 50b61da..dd5ee8c 100644 --- a/BoardConfig.mk +++ b/BoardConfig.mk @@ -44,17 +44,9 @@ PLATFORM_SENSOR_LIST += MPU9150Accelerometer PLATFORM_SENSOR_LIST += MMA7660Accelerometer PLATFORM_SENSOR_LIST += LSM303dAccelerometer - TARGET_BOOTLOADER_BOARD_NAME := $(TARGET_DEVICE) # -# USERFASTBOOT Configuration -# -TARGET_STAGE_USERFASTBOOT := true -TARGET_USE_USERFASTBOOT := true -USERFASTBOOT_NO_GUI := true - -# # KERNELFLINGER Configuration # TARGET_UEFI_ARCH := x86_64 @@ -69,8 +61,6 @@ KERNELFLINGER_GEN_GRAPHICS := false PRODUCT_SYSTEM_VERITY_PARTITION := /dev/block/by-name/system BOOTLOADER_USE_PREBUILT := $(shell echo $${BOOTLOADER_USE_PREBUILT:-true}) -BOOTLOADER_ADDITIONAL_DEPS += $(PRODUCT_OUT)/fastboot.img -BOOTLOADER_ADDITIONAL_ARGS += --fastboot $(PRODUCT_OUT)/fastboot.img # Note: We use := here to force the policy directory to be added # on the first pass for make and to thus get around a build system bug. @@ -80,15 +70,19 @@ vendor_partition_directory := vendor/bsp/intel/minnowboard PRODUCT_COPY_FILES += \ device/intel/minnowboard/flash_tools/brillo-flashall.sh:provision-device \ - device/intel/minnowboard/fstab:root/fstab.$(TARGET_DEVICE) \ - $(vendor_partition_directory)/boot_binaries/gpt.ini:gpt.ini \ + device/intel/minnowboard/fstab:root/fstab.$(TARGET_DEVICE) + +ifeq ($(BOOTLOADER_USE_PREBUILT),false) +PRODUCT_COPY_FILES += \ + $(vendor_partition_directory)/boot_binaries/gpt.bin:gpt.bin \ $(vendor_partition_directory)/boot_binaries/oemvars.txt:oemvars.txt +endif BRILLO_VENDOR_PARTITIONS := \ $(vendor_partition_directory)/boot_binaries:bootloader \ $(vendor_partition_directory)/boot_binaries:fastboot-usb.img \ $(vendor_partition_directory)/boot_binaries:oemvars.txt \ - $(vendor_partition_directory)/boot_binaries:gpt.ini \ + $(vendor_partition_directory)/boot_binaries:gpt.bin \ $(vendor_partition_directory)/boot_binaries:README # Must defined at the end of the file diff --git a/bootloader.mk b/bootloader.mk index 3ad8d28..8c96a2f 100644 --- a/bootloader.mk +++ b/bootloader.mk @@ -40,7 +40,6 @@ endif kernelflinger := $(PRODUCT_OUT)/efi/kernelflinger.efi BOARD_FIRST_STAGE_LOADER := $(kernelflinger) -USERFASTBOOT_2NDBOOTLOADER := intermediates := $(call intermediates-dir-for,PACKAGING,bootloader_zip) bootloader_zip := $(intermediates)/bootloader.zip @@ -56,7 +55,8 @@ $(bootloader_zip): \ $(hide) mkdir -p $(efi_root)/EFI/BOOT $(hide) $(ACP) $(BOARD_FIRST_STAGE_LOADER) $(efi_root)/loader.efi $(hide) $(ACP) $(BOARD_FIRST_STAGE_LOADER) $(efi_root)/EFI/BOOT/$(efi_default_name) - $(hide) echo "Brillo=\\EFI\\BOOT\\$(efi_default_name)" > $(efi_root)/manifest.txt + $(hide) echo "Brillo-OS=loader.efi" > $(efi_root)/manifest.txt + $(hide) echo "Fastboot=loader.efi;-f" >> $(efi_root)/manifest.txt $(hide) (cd $(efi_root) && zip -qry ../$(notdir $@) .) bootloader_metadata := $(intermediates)/bootloader-size.txt @@ -106,11 +106,9 @@ $(fastboot_usb_bin): \ # Build when 'make' is run with no args droidcore: $(fastboot_usb_bin) -.PHONY: userfastboot-usb -userfastboot-usb: $(fastboot_usb_bin) +.PHONY: fastboot-usb +fastboot-usb: $(fastboot_usb_bin) $(call dist-for-goals,droidcore,$(fastboot_usb_bin):$(TARGET_PRODUCT)-fastboot-usb-$(FILE_NAME_TAG).img) -# for userfastboot, we need the userfastboot image in the bootloader partition. -INSTALLED_RADIOIMAGE_TARGET += $(PRODUCT_OUT)/fastboot.img endif diff --git a/build/tasks/flashfiles.mk b/build/tasks/flashfiles.mk index 617cb5d..9527331 100644 --- a/build/tasks/flashfiles.mk +++ b/build/tasks/flashfiles.mk @@ -29,7 +29,7 @@ MINNOWBOARD_BINARIES := $(MINNOWBOARD_VENDOR)/boot_binaries MINNOWBOARD_DEVICE := device/intel/minnowboard MINNOWBOARD_TOOLS := $(MINNOWBOARD_DEVICE)/flash_tools -MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_BINARIES)/gpt.ini +MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_BINARIES)/gpt.bin MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_BINARIES)/bootloader MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_BINARIES)/oemvars.txt MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_TOOLS)/brillo-flashall.sh @@ -38,7 +38,7 @@ MINNOWBOARD_FLASHFILES += $(PRODUCT_OUT)/boot.img MINNOWBOARD_FLASHFILES += $(PRODUCT_OUT)/system.img MINNOWBOARD_FLASHFILES += $(PRODUCT_OUT)/userdata.img -# Include the usb-stick userfastboot +# Include the usb-stick fastboot image MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_BINARIES)/fastboot-usb.img # Include fastboot and adb - so that the latest is available diff --git a/build/tasks/ramdisk.mk b/build/tasks/ramdisk.mk deleted file mode 100644 index ba3c82d..0000000 --- a/build/tasks/ramdisk.mk +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2016 The Android Open Source Project -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ifeq ($(BOOTLOADER_USE_PREBUILT),false) -ifeq ($(TARGET_USE_USERFASTBOOT),true) --include $(TOPDIR)vendor/bsp/intel/userfastboot/ramdisk.mk -endif -endif diff --git a/flash_tools/brillo-flashall.sh b/flash_tools/brillo-flashall.sh index 4cb0c14..6641040 100755 --- a/flash_tools/brillo-flashall.sh +++ b/flash_tools/brillo-flashall.sh @@ -55,7 +55,7 @@ VENDOR=$(dir_with_file bootloader \ "${ANDROID_BUILD_TOP}/vendor/bsp/intel/minnowboard/boot_binaries") -fastboot flash gpt "${VENDOR}"/gpt.ini \ +fastboot flash gpt "${VENDOR}"/gpt.bin \ flash bootloader "${VENDOR}"/bootloader \ flash boot_a "${OS}"/boot.img \ flash boot_b "${OS}"/boot.img \ diff --git a/sepolicy/file.te b/sepolicy/file.te deleted file mode 100644 index 91679cb..0000000 --- a/sepolicy/file.te +++ /dev/null @@ -1 +0,0 @@ -type efivarfs, fs_type; diff --git a/sepolicy/genfs_contexts b/sepolicy/genfs_contexts deleted file mode 100644 index 2e6490e..0000000 --- a/sepolicy/genfs_contexts +++ /dev/null @@ -1 +0,0 @@ -genfscon efivarfs / u:object_r:efivarfs:s0 diff --git a/sepolicy/init.te b/sepolicy/init.te deleted file mode 100644 index b8bae16..0000000 --- a/sepolicy/init.te +++ /dev/null @@ -1,11 +0,0 @@ -userfastboot_only(` - domain_trans(init, rootfs, userfastboot) - domain_trans(init, rootfs, dhcp) - - userdebug_or_eng(` - # Used for the serial console, shell label set by the console service - # definition from init.rc with: - # seclabel u:r:shell:s0 - domain_trans(init, rootfs, shell) - ') -') diff --git a/sepolicy/kernel.te b/sepolicy/kernel.te deleted file mode 100644 index f0910c6..0000000 --- a/sepolicy/kernel.te +++ /dev/null @@ -1,5 +0,0 @@ -userfastboot_only(` - # This is the loop back fd used by userfastboot to mount and verify the - # bootloader image - allow kernel userfastboot:fd use; -') diff --git a/sepolicy/te_macros b/sepolicy/te_macros index 632389c..4b8b946 100644 --- a/sepolicy/te_macros +++ b/sepolicy/te_macros @@ -1,13 +1,4 @@ ##################################### -# Userfastboot only -# SELinux rules which apply only to userfastboot mode -# -define(`userfastboot_only', ifelse(target_userfastboot, `true', $1, )) - -define(`notuserfastboot', ifelse(target_userfastboot, `true', -userfastboot, )) - - -##################################### # target_only(target, rules) # SELinux rules which only apply to a particular target # target - the target name in TARGET_PRODUCT. Note this is a substring search diff --git a/sepolicy/userfastboot.te b/sepolicy/userfastboot.te deleted file mode 100644 index 623a262..0000000 --- a/sepolicy/userfastboot.te +++ /dev/null @@ -1,37 +0,0 @@ -# Rules for bootable/userfastboot which pretty much does -# everything the neverallow's catch in external/sepolicy -userfastboot_only(` - - # Keep the type from infiltrating non-userfastboot - # builds. - type userfastboot, domain; - permissive userfastboot; - - # For silence - dontaudit userfastboot self:capability_class_set *; - dontaudit userfastboot kernel:security *; - dontaudit userfastboot kernel:system *; - dontaudit userfastboot self:memprotect *; - dontaudit userfastboot domain:process *; - dontaudit userfastboot domain:fd *; - dontaudit userfastboot domain:dir r_dir_perms; - dontaudit userfastboot domain:lnk_file r_file_perms; - dontaudit userfastboot domain:{ fifo_file file } rw_file_perms; - dontaudit userfastboot domain:socket_class_set *; - dontaudit userfastboot domain:ipc_class_set *; - dontaudit userfastboot domain:key *; - dontaudit userfastboot fs_type:filesystem *; - dontaudit userfastboot fs_type:dir_file_class_set *; - dontaudit userfastboot dev_type:dir_file_class_set *; - dontaudit userfastboot file_type:dir_file_class_set *; - dontaudit userfastboot node_type:node *; - dontaudit userfastboot node_type:{ tcp_socket udp_socket } node_bind; - dontaudit userfastboot netif_type:netif *; - dontaudit userfastboot port_type:socket_class_set name_bind; - dontaudit userfastboot port_type:{ tcp_socket dccp_socket } name_connect; - dontaudit userfastboot domain:peer recv; - dontaudit userfastboot domain:binder *; - dontaudit userfastboot property_type:property_service set; - dontaudit userfastboot efivarfs:dir search; - dontaudit userfastboot efivarfs:file rw_file_perms; -') |